• DocumentCode
    2320930
  • Title

    Fast pattern matching in compressed data packages

  • Author

    Berger, Michael S. ; Mortensen, Brian B.

  • Author_Institution
    DTU Fotonik, Tech. Univ. of Denmark, Lyngby, Denmark
  • fYear
    2010
  • fDate
    6-10 Dec. 2010
  • Firstpage
    1591
  • Lastpage
    1595
  • Abstract
    This paper targets deep packet classification (Layer 4-7) for applications within Firewalls and Intrusion Detection/prevention systems (IDS/IPS). Specifically targeting string matching applications, this paper will focus on processing of web-content, HTTP, at high speed (>;10 Gigabit). The main contribution of this work is in the field of combined payload search and HTTP decompression. In general, decompression is difficult to perform at wire-speed due to the additional data-amounts generated, which means that a decompressed 10 Gbit/s link could contain e.g. 30-40 Gigabit data. This paper presents a method which makes it is possible to find a match in the data packages of the data stream without the need for searching in the decompressed data stream, thereby avoiding the possibility of "data explosions".
  • Keywords
    authorisation; data compression; hypermedia; pattern classification; string matching; HTTP; Web-content processing; compressed data packages; data explosions; deep packet classification; firewalls; intrusion detection systems; intrusion prevention systems; pattern matching; string matching; Compressed data; Firewall; HTTP; Intrusion detection; Pattern Match; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    GLOBECOM Workshops (GC Wkshps), 2010 IEEE
  • Conference_Location
    Miami, FL
  • Print_ISBN
    978-1-4244-8863-6
  • Type

    conf

  • DOI
    10.1109/GLOCOMW.2010.5700208
  • Filename
    5700208
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2320930